LISTING OF CLAIMS 

1-8. (canceled) 

9. (currently amended) A server being equipped for 
establishing a trustworthy connection between a user 
and a terminal via a user input device comprising: 

a communication component for establishing and 
conducting communications along a first trusted 
connection with the terminal and along a second trusted 
connection with said user input device; 

receiver means for receiving at least one 
authentication request from said terminal; 

at least one authentication component for verifying the 
authenticity of the terminal; and 

a message generation component for generating at least 
one authenticity output message for delivery directly 
to said user input device along said second trusted 
connection. 

10. (original) The server according to claim 9 further 
comprising a session key creation component for 
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creating a session key to be communicated to said 
terminal . 

11 • (original) The server according to claim 9 further 
comprising at least one storage location for storing at 
least one user-specific authenticity output message and 
wherein said message generation component accesses the 
stored at least one user-specific authenticity output 
message for display to the user at said terminal. 

12. (currently amended) A method for establishing a 
trustworthy connection between a user via a personal 
device and a terminal which is connected to and 
authenticatable by at least one server which is 
authenticatable by said device^ comprising: 

said server authenticating said terminal; 

establishing a first authenticated trusted connection 
upon success of said authenticating; 

said server authenticating itself to said device; 

establishing a second trusted connection between said 
server and said device; and 
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said server providing a terminal authenticity message 
via said established second trusted connection 
confirming the established authenticity of said 
terminal . 

13. (original) The method according to claim 12 further 
comprising communicating said terminal authenticity 
message to said user. 

14. (original) The method according to claim 13 wherein 
said communicating comprises displaying said message by 
said device. 

15. (original) The method according to claim 13 wherein 
said communicating comprises displaying said message by 
said terminal. 

16. (original) The method according to claim 12 wherein 
said providing a terminal authenticity message 
comprises accessing at least one stored user-specific 
message. 

17. (original) The method according to claim 12 wherein 
said providing a terminal authenticity message 
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comprises exchanging a predetermined set of messages 
with said user, 

18. (original) The method according to claim 15 wherein 
stored predetermined authentication information (vec) 
is communicated from the device to the terminal for 
creating there an authenticity output message (mo) . 

19. (original) The method, according to claim 12 further 
comprising the device authenticating itself to the 
terminal . 

20. (original) The method according to claim 12 further 
comprising the device requesting that the user 
authenticate himself. 

21. (original) The method according to claim 14 wherein 
the device outputs the terminal authenticity message 
including at least one of visible, audible and tactile 
information. 

22. (original) The method according to claim 15 wherein 
the terminal outputs the terminal authenticity message 
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including at least one of visible, audible and tactile 
information. 

23. (original) The method according to claim 21 wherein 
the message is output only partially by the device, 
according to a preselection by the user. 

24. (original) The method according to claim 21 wherein 
the message is output only partially by the terminal 
according to a preselection by the user 

25. (original) The method according to claim 12 further 
comprising authenticating the device to the server. 

26. (original) The method according to claim 12 further 
comprising authenticating the user. 

27-29. (canceled) 

30. (currently amended) A program storage device 
readable by machine, tangibly embodying a program of 
instructions executable by the machine to perform 
method steps for a server to establish a trustworthy 
connection with a user via a user device at a terminal, 
said method steps comprising: 
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said server authenticating said terminal; 

establishing a first authenticated trusted connection 
upon success of said authenticating; 

said server authenticating itself to said device; 

establishing a second trusted connection between said 
server and said device; and 

rocoiving input — from a terminal — at v^yhich oaid uoor — irs- 
acGQooing oaid oorvcr; 

authenticating the terminal; and 

said server generating a terminal authenticity message 
and delivering said terminal authenticity message via 
said established second trusted connection confirming 
the established authenticity of said terminal -^oae 
delivery to aaid uacr dovico . 

31. (canceled) 
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